June 30, 2016
What to Do (And Not Do) After a Data Breach
It’s not always easy to know what to do after a data breach. In addition to trying to uncover the root cause, a plan must be put in place to minimize loss of trust and brand integrity. To weather the aftermath of a problem with business information security, you need to respond proactively and avoid common pitfalls.
What You Should Do
Start the cleanup process by getting in touch with legal counsel that specializes in cyber security, and employ an external organization to help investigate the incident. Getting outside help circumvents problems that may arise should the breach turn out to be the result of malicious activity in-house.
Meet with your executive team to implement solid security policies going forward. Include a clean desk policy (CDP) that requires everyone in the company to clear papers and removable media from their desks at the end of the day. Run routine practice exercises to ensure that employees understand how to follow new protocols.
What You Shouldn’t Do
When it comes to what to do after a data breach, many companies make the mistake of reporting the incident publicly before they have complete information. Another common blunder is trying to cover up the breach or shift blame in an attempt to preserve the corporate image. Being transparent and forthcoming with a full report that includes your plan for recovery is the best way to serve your customers.
To get this information, however, it’s necessary to keep networks and devices up and running until the breach has been fully investigated. Being reactive and shutting everything down could destroy important evidence. If you discover a breach while the hackers are still in the process of accessing your information, trying to block further actions could alert them to the fact that they’ve been discovered. It’s better to work with a cyber security firm to catch hackers in the act than to lose the opportunity to pin down the culprits.
Facing the Future
A plan for remediation is essential when cleaning up after a breach in business information security. Taking care of your customers should be a top priority as you seek to re-establish the positive relationships that existed before the breach. Make sure that customers know exactly what you’re doing to fix the problem, and follow through on your promises in a timely manner.
Inside the company, make media and document destruction a regular part of your routine. The ongoing shredding service from PROSHRED® Miami lets you choose to dispose of sensitive information every day, every week or every month. With a plan like this in place, you can prevent future data loss and move forward to a more secure future.